Translate security policies and frameworks into practical implementation plans across IT, EA, and Cloud teams
Drive execution of key initiatives:
Vulnerability management
Patch compliance
Endpoint security
Identity & access management
Establish and enforce security standards across systems and platforms
Lead implementation of global compliance frameworks:
CMMC
NIST 800-171 / NIST CSF
Regional regulatory requirements (e.g., GDPR, UK/EU compliance)
Translate controls into operational processes and technical enforcement
Ensure audit readiness, evidence collection, and control validation + Maintain consistency of compliance practices across global teams
Own vulnerability management program
Define remediation SLAs and track execution
Partner with IT, Cloud, and Application teams to drive remediation
Act as the bridge between InfoSec, IT, EA, Cloud, and regional teams
Manage and coach a team of 2 InfoSec professionals

Requirements

12+ years of experience in Information Security
Strong hands-on experience in:
Vulnerability management in Rapid7
Endpoint security and patching
Identity and access management
Proven experience implementing:
CMMC
NIST 800-171 / NIST CSF
Experience driving execution across multiple teams and functions
Strong understanding of IT infrastructure, cloud environments, and enterprise systems
Experience managing small teams

Benefits

retirement plan
healthcare coverage
broad range of other benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

vulnerability managementendpoint securitypatch complianceidentity and access managementCMMCNIST 800-171NIST CSFaudit readinessremediation SLAsIT infrastructure

Soft Skills

leadershipcoachingcollaborationcommunicationteam management